BACK TO INTEL

Archives

Classification

Clear Filter
Application Security
Cloud Infrastructure
Enterprise Infrastructure
Enterprise IT Infrastructure
Enterprise Networking
Enterprise Security
Enterprise Software
ERP
Information Technology
Infrastructure
Infrastructure Security
Microsoft
Network Appliances
Network Infrastructure
Network Security
Networking
Open Source
Operating Systems
Software
Software Development
Software Security
Technology
Java Development
Expression Language Injection
Microsoft Windows
Windows
Virtualization
Vulnerability
Web Hosting
Web Security
Windows Ecosystem

FeedExpression Language Injection

Verified advisories, vulnerability disclosures, and architectural research.

CVE-2021-45046

Critical Security Advisory: Addressing the Apache Log4j2 Incomplete Fix (CVE-2021-45046)

Apache Log4j2 contains a deserialization of untrusted data vulnerability due to the incomplete fix of CVE-2021-44228, where the Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations.

Log4j2
View Detail